| 96 |
efrain |
1 |
<?php
|
| 1389 |
ariadna |
2 |
// Configuración de headers para respuesta JSON y CORS
|
| 96 |
efrain |
3 |
header('Content-Type: application/json');
|
|
|
4 |
header('Access-Control-Allow-Origin: *');
|
| 1389 |
ariadna |
5 |
|
|
|
6 |
// Definición de constantes para autenticación y encriptación
|
| 96 |
efrain |
7 |
define('LLWS_USERNAME', 'leaderdslinked-ws');
|
|
|
8 |
define('LLWS_PASSWORD', 'KFB3lFsLp&*CpB0uc2VNc!zVn@w!EZqZ*jr$J0AlE@sYREUcyP');
|
| 1389 |
ariadna |
9 |
define('LLWS_RSA_N', 34589927); // Clave pública RSA N
|
|
|
10 |
define('LLWS_RSA_D', 4042211); // Clave privada RSA D
|
|
|
11 |
define('LLWS_RSA_E', 7331); // Clave pública RSA E
|
|
|
12 |
define('LLWS_CATEGORY_ID', 6); // ID de categoría para cursos
|
| 96 |
efrain |
13 |
|
| 1389 |
ariadna |
14 |
// Inclusión de archivos necesarios de Moodle
|
| 96 |
efrain |
15 |
require_once(__DIR__ . '/../config.php');
|
|
|
16 |
global $DB, $CFG;
|
|
|
17 |
|
| 1389 |
ariadna |
18 |
// Inclusión de librerías de Moodle
|
| 1383 |
ariadna |
19 |
require_once($CFG->libdir . '/moodlelib.php');
|
| 96 |
efrain |
20 |
require_once($CFG->libdir . '/externallib.php');
|
| 1383 |
ariadna |
21 |
require_once($CFG->libdir . '/authlib.php');
|
|
|
22 |
require_once($CFG->libdir . '/gdlib.php');
|
|
|
23 |
require_once($CFG->dirroot . '/user/lib.php');
|
| 1389 |
ariadna |
24 |
require_once(__DIR__ . '/rsa.php');
|
|
|
25 |
require_once(__DIR__ . '/lib.php');
|
| 96 |
efrain |
26 |
|
| 1389 |
ariadna |
27 |
// Obtención y sanitización de parámetros de la petición
|
| 1384 |
ariadna |
28 |
$username = trim(isset($_REQUEST['username']) ? filter_var($_REQUEST['username'], FILTER_SANITIZE_STRING) : '');
|
|
|
29 |
$password = trim(isset($_REQUEST['password']) ? filter_var($_REQUEST['password'], FILTER_SANITIZE_STRING) : '');
|
|
|
30 |
$timestamp = trim(isset($_REQUEST['timestamp']) ? filter_var($_REQUEST['timestamp'], FILTER_SANITIZE_STRING) : '');
|
|
|
31 |
$rand = intval(isset($_REQUEST['rand']) ? filter_var($_REQUEST['rand'], FILTER_SANITIZE_NUMBER_INT) : 0, 10);
|
|
|
32 |
$data = trim(isset($_REQUEST['data']) ? filter_var($_REQUEST['data'], FILTER_SANITIZE_STRING) : '');
|
| 96 |
efrain |
33 |
|
| 1388 |
ariadna |
34 |
/*
|
|
|
35 |
$data = '';
|
|
|
36 |
$input = fopen("php://input", "r");
|
|
|
37 |
|
|
|
38 |
|
|
|
39 |
while ($line = fread($input, 1024))
|
|
|
40 |
{
|
|
|
41 |
$data .= $line;
|
|
|
42 |
}
|
|
|
43 |
fclose($input);*/
|
|
|
44 |
|
|
|
45 |
/*
|
|
|
46 |
echo 'username = '. $username . PHP_EOL;
|
|
|
47 |
echo 'password = '. $password . PHP_EOL;
|
|
|
48 |
echo 'rand = '. $rand . PHP_EOL;
|
|
|
49 |
echo 'timestamp = '. $timestamp . PHP_EOL;
|
|
|
50 |
echo 'data = '. $data . PHP_EOL;
|
|
|
51 |
|
|
|
52 |
|
|
|
53 |
/*
|
|
|
54 |
list($usec, $sec) = explode(' ', microtime());
|
|
|
55 |
$seed = intval($sec + ((float) $usec * 100000));
|
|
|
56 |
|
|
|
57 |
$username = LLWS_USERNAME;
|
|
|
58 |
$timestamp = date('Y-m-d\TH:i:s');
|
|
|
59 |
mt_srand($seed, MT_RAND_MT19937);
|
|
|
60 |
$rand = mt_rand();
|
|
|
61 |
|
|
|
62 |
$password = LLWS_PASSWORD;
|
|
|
63 |
$password = password_hash($username.'-'. $password. '-' . $rand. '-' . $timestamp, PASSWORD_DEFAULT);
|
|
|
64 |
|
|
|
65 |
$data = $rsa->encrypt(json_encode(['email' => 'usuario4@test.com', 'first_name' => 'usuario4', 'last_name' => 'test']));
|
|
|
66 |
*/
|
|
|
67 |
|
| 1389 |
ariadna |
68 |
// Validación de parámetros de seguridad
|
| 1383 |
ariadna |
69 |
if (empty($username) || empty($password) || empty($timestamp) || empty($rand) || !is_integer($rand)) {
|
|
|
70 |
echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY1']);
|
| 96 |
efrain |
71 |
exit;
|
|
|
72 |
}
|
|
|
73 |
|
| 1389 |
ariadna |
74 |
// Validación del nombre de usuario
|
| 1383 |
ariadna |
75 |
if ($username != LLWS_USERNAME) {
|
|
|
76 |
echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY2']);
|
| 96 |
efrain |
77 |
exit;
|
|
|
78 |
}
|
|
|
79 |
|
| 1389 |
ariadna |
80 |
// Validación del formato del timestamp
|
| 96 |
efrain |
81 |
$dt = \DateTime::createFromFormat('Y-m-d\TH:i:s', $timestamp);
|
| 1383 |
ariadna |
82 |
if (!$dt) {
|
|
|
83 |
echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY3']);
|
| 96 |
efrain |
84 |
exit;
|
|
|
85 |
}
|
|
|
86 |
|
| 1389 |
ariadna |
87 |
// Validación del rango de tiempo del timestamp (±5 minutos)
|
| 96 |
efrain |
88 |
$t0 = $dt->getTimestamp();
|
|
|
89 |
$t1 = strtotime('-5 minutes');
|
|
|
90 |
$t2 = strtotime('+5 minutes');
|
|
|
91 |
|
| 1383 |
ariadna |
92 |
if ($t0 < $t1 || $t0 > $t2) {
|
| 96 |
efrain |
93 |
//echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY4']) ;
|
|
|
94 |
//exit;
|
|
|
95 |
}
|
|
|
96 |
|
| 1389 |
ariadna |
97 |
// Validación de la contraseña
|
| 1383 |
ariadna |
98 |
if (!password_verify($username . '-' . LLWS_PASSWORD . '-' . $rand . '-' . $timestamp, $password)) {
|
|
|
99 |
echo json_encode(['success' => false, 'data' => 'ERROR_SECURITY5']);
|
| 96 |
efrain |
100 |
exit;
|
|
|
101 |
}
|
|
|
102 |
|
| 1389 |
ariadna |
103 |
// Validación de datos
|
| 1383 |
ariadna |
104 |
if (empty($data)) {
|
|
|
105 |
echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS1']);
|
| 96 |
efrain |
106 |
exit;
|
|
|
107 |
}
|
|
|
108 |
|
| 1389 |
ariadna |
109 |
// Decodificación de datos en base64
|
| 96 |
efrain |
110 |
$data = base64_decode($data);
|
| 1383 |
ariadna |
111 |
if (empty($data)) {
|
|
|
112 |
echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS2']);
|
| 96 |
efrain |
113 |
exit;
|
|
|
114 |
}
|
|
|
115 |
|
| 1389 |
ariadna |
116 |
// Desencriptación de datos usando RSA
|
| 96 |
efrain |
117 |
try {
|
|
|
118 |
$rsa = new rsa();
|
|
|
119 |
$rsa->setKeys(LLWS_RSA_N, LLWS_RSA_D, LLWS_RSA_E);
|
|
|
120 |
$data = $rsa->decrypt($data);
|
| 1383 |
ariadna |
121 |
} catch (Throwable $e) {
|
|
|
122 |
echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS3']);
|
| 96 |
efrain |
123 |
exit;
|
|
|
124 |
}
|
| 1383 |
ariadna |
125 |
|
| 1389 |
ariadna |
126 |
// Conversión de datos a array
|
| 96 |
efrain |
127 |
$data = (array) json_decode($data);
|
| 1383 |
ariadna |
128 |
if (empty($data)) {
|
|
|
129 |
echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS4']);
|
| 96 |
efrain |
130 |
exit;
|
|
|
131 |
}
|
|
|
132 |
|
| 1389 |
ariadna |
133 |
// Extracción y validación de datos del usuario
|
| 96 |
efrain |
134 |
$email = trim(isset($data['email']) ? filter_var($data['email'], FILTER_SANITIZE_EMAIL) : '');
|
|
|
135 |
$first_name = trim(isset($data['first_name']) ? filter_var($data['first_name'], FILTER_SANITIZE_STRING) : '');
|
|
|
136 |
$last_name = trim(isset($data['last_name']) ? filter_var($data['last_name'], FILTER_SANITIZE_STRING) : '');
|
|
|
137 |
|
| 1383 |
ariadna |
138 |
if (!filter_var($email, FILTER_VALIDATE_EMAIL) || empty($first_name) || empty($last_name)) {
|
|
|
139 |
echo json_encode(['success' => false, 'data' => 'ERROR_PARAMETERS5']);
|
| 96 |
efrain |
140 |
exit;
|
|
|
141 |
}
|
|
|
142 |
|
| 1389 |
ariadna |
143 |
// Búsqueda o creación de usuario
|
| 96 |
efrain |
144 |
$user = ll_get_user_by_email($email);
|
| 1383 |
ariadna |
145 |
if ($user) {
|
| 96 |
efrain |
146 |
$new_user = false;
|
|
|
147 |
} else {
|
|
|
148 |
$new_user = true;
|
|
|
149 |
$username = ll_get_username_available($first_name, $last_name);
|
|
|
150 |
$user = ll_create_user($username, $email, $first_name, $last_name);
|
| 1383 |
ariadna |
151 |
|
| 1389 |
ariadna |
152 |
// Procesamiento de imagen de perfil si se proporciona
|
| 1383 |
ariadna |
153 |
if ($user) {
|
| 96 |
efrain |
154 |
$filename = trim(isset($data['image_filename']) ? filter_var($data['image_filename'], FILTER_SANITIZE_EMAIL) : '');
|
|
|
155 |
$content = trim(isset($data['image_content']) ? filter_var($data['image_content'], FILTER_SANITIZE_STRING) : '');
|
| 1383 |
ariadna |
156 |
|
|
|
157 |
if ($filename && $content) {
|
| 96 |
efrain |
158 |
$tempfile = __DIR__ . DIRECTORY_SEPARATOR . $filename;
|
|
|
159 |
try {
|
|
|
160 |
file_put_contents($filename, base64_decode($content));
|
|
|
161 |
if (file_exists($tempfile)) {
|
| 1383 |
ariadna |
162 |
$usericonid = process_new_icon(context_user::instance($user->id, MUST_EXIST), 'user', 'icon', 0, $tempfile);
|
|
|
163 |
if ($usericonid) {
|
|
|
164 |
$DB->set_field('user', 'picture', $usericonid, array('id' => $user->id));
|
| 96 |
efrain |
165 |
}
|
|
|
166 |
}
|
| 1383 |
ariadna |
167 |
} catch (\Throwable $e) {
|
|
|
168 |
} finally {
|
|
|
169 |
if (file_exists($tempfile)) {
|
| 96 |
efrain |
170 |
unlink($tempfile);
|
|
|
171 |
}
|
|
|
172 |
}
|
|
|
173 |
}
|
|
|
174 |
}
|
| 1383 |
ariadna |
175 |
}
|
| 96 |
efrain |
176 |
|
| 1389 |
ariadna |
177 |
// Verificación de creación de usuario
|
| 1383 |
ariadna |
178 |
if (!$user) {
|
|
|
179 |
echo json_encode(['success' => false, 'data' => 'ERROR_MOODLE1']);
|
| 96 |
efrain |
180 |
exit;
|
| 1383 |
ariadna |
181 |
}
|
| 96 |
efrain |
182 |
|
| 1389 |
ariadna |
183 |
// Inscripción en cursos para usuarios nuevos
|
| 1383 |
ariadna |
184 |
if ($new_user) {
|
| 96 |
efrain |
185 |
$role = $DB->get_record('role', array('archetype' => 'student'));
|
|
|
186 |
$enrolmethod = 'manual';
|
| 1383 |
ariadna |
187 |
|
| 96 |
efrain |
188 |
$courses = get_courses();
|
| 1383 |
ariadna |
189 |
foreach ($courses as $course) {
|
|
|
190 |
if ($course->categoy_id == LLWS_CATEGORY_ID) {
|
| 96 |
efrain |
191 |
$context = context_course::instance($course->id);
|
|
|
192 |
if (!is_enrolled($context, $user)) {
|
|
|
193 |
$enrol = enrol_get_plugin($enrolmethod);
|
|
|
194 |
if ($enrol === null) {
|
|
|
195 |
return false;
|
|
|
196 |
}
|
|
|
197 |
$instances = enrol_get_instances($course->id, true);
|
|
|
198 |
$manualinstance = null;
|
|
|
199 |
foreach ($instances as $instance) {
|
|
|
200 |
if ($instance->name == $enrolmethod) {
|
|
|
201 |
$manualinstance = $instance;
|
|
|
202 |
break;
|
|
|
203 |
}
|
|
|
204 |
}
|
|
|
205 |
if ($manualinstance !== null) {
|
|
|
206 |
$instanceid = $enrol->add_default_instance($course);
|
|
|
207 |
if ($instanceid === null) {
|
|
|
208 |
$instanceid = $enrol->add_instance($course);
|
|
|
209 |
}
|
|
|
210 |
$instance = $DB->get_record('enrol', array('id' => $instanceid));
|
| 1383 |
ariadna |
211 |
if ($instance) {
|
| 96 |
efrain |
212 |
$enrol->enrol_user($instance, $user->id, $role->id);
|
|
|
213 |
}
|
|
|
214 |
}
|
|
|
215 |
}
|
|
|
216 |
}
|
|
|
217 |
}
|
|
|
218 |
}
|
|
|
219 |
|
| 1389 |
ariadna |
220 |
// Obtención de datos completos del usuario y login
|
| 96 |
efrain |
221 |
$user = get_complete_user_data('id', $user->id);
|
| 1391 |
ariadna |
222 |
if ($user) {
|
|
|
223 |
// Verificar si el usuario ya está conectado
|
|
|
224 |
if (!isloggedin()) {
|
|
|
225 |
// Verificar si la cuenta está confirmada
|
|
|
226 |
if (empty($user->confirmed)) {
|
|
|
227 |
echo json_encode(['success' => false, 'data' => 'ACCOUNT_NOT_CONFIRMED']);
|
|
|
228 |
exit;
|
|
|
229 |
}
|
|
|
230 |
|
|
|
231 |
// Verificar si la contraseña ha expirado (solo para autenticación LDAP)
|
|
|
232 |
$userauth = get_auth_plugin($user->auth);
|
|
|
233 |
if (!isguestuser() && !empty($userauth->config->expiration) && $userauth->config->expiration == 1) {
|
|
|
234 |
$days2expire = $userauth->password_expire($user->username);
|
|
|
235 |
if (intval($days2expire) < 0) {
|
|
|
236 |
echo json_encode(['success' => false, 'data' => 'PASSWORD_EXPIRED']);
|
|
|
237 |
exit;
|
|
|
238 |
}
|
|
|
239 |
}
|
|
|
240 |
|
|
|
241 |
// Completar el proceso de inicio de sesión
|
|
|
242 |
complete_user_login($user);
|
|
|
243 |
|
|
|
244 |
// Aplicar límite de inicio de sesión concurrente
|
|
|
245 |
\core\session\manager::apply_concurrent_login_limit($user->id, session_id());
|
|
|
246 |
|
|
|
247 |
// Configurar cookie de nombre de usuario
|
|
|
248 |
if (!empty($CFG->nolastloggedin)) {
|
|
|
249 |
// No almacenar último usuario conectado en cookie
|
|
|
250 |
} else if (empty($CFG->rememberusername)) {
|
|
|
251 |
// Sin cookies permanentes, eliminar la anterior si existe
|
|
|
252 |
set_moodle_cookie('');
|
|
|
253 |
} else {
|
|
|
254 |
set_moodle_cookie($user->username);
|
|
|
255 |
}
|
|
|
256 |
|
|
|
257 |
// Limpiar mensajes de error antes de la última redirección
|
|
|
258 |
unset($SESSION->loginerrormsg);
|
|
|
259 |
unset($SESSION->logininfomsg);
|
|
|
260 |
|
|
|
261 |
// Descartar loginredirect si estamos redirigiendo
|
|
|
262 |
unset($SESSION->loginredirect);
|
|
|
263 |
|
|
|
264 |
// Probar que la sesión funciona redirigiendo a sí mismo
|
|
|
265 |
$SESSION->wantsurl = $CFG->wwwroot . '/my';
|
|
|
266 |
|
|
|
267 |
// Enviar respuesta exitosa con datos del usuario
|
|
|
268 |
echo json_encode([
|
|
|
269 |
'success' => true,
|
|
|
270 |
'data' => [
|
|
|
271 |
'userid' => $user->id,
|
|
|
272 |
'username' => $user->username,
|
|
|
273 |
'fullname' => fullname($user),
|
|
|
274 |
'email' => $user->email,
|
|
|
275 |
'redirect' => $CFG->wwwroot . '/my'
|
|
|
276 |
]
|
|
|
277 |
]);
|
|
|
278 |
} else {
|
|
|
279 |
echo json_encode(['success' => false, 'data' => 'USER_ALREADY_LOGGED_IN']);
|
|
|
280 |
}
|
|
|
281 |
} else {
|
|
|
282 |
echo json_encode(['success' => false, 'data' => 'USER_NOT_FOUND']);
|
| 96 |
efrain |
283 |
}
|
| 1388 |
ariadna |
284 |
exit;
|